JPH09153896A - Communication transfer controller, network system and network management system

Communication transfer controller, network system and network management system

Info

Publication number
JPH09153896A
Authority
JP
Japan
Prior art keywords
communication
organization
communication transfer
transfer control
control device
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP7308758A
Other languages
Japanese (ja)
Inventor
Kenichi Yoshida
健一 吉田
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hitachi Ltd
Original Assignee
Hitachi Ltd
Application filed by Hitachi Ltd
Priority to JP7308758A
Publication of JPH09153896A

Landscapes

  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

PROBLEM TO BE SOLVED: To provide a communication transfer controller that allows communication permission information to be collectively managed in a large organization. SOLUTION: Communication transfer controllers 9, which transfer communication between computers, are given a mechanism for exchanging among a plurality of communication transfer controllers the decision conditions or decision results on whether communication between computers is permitted. When a connection request for an internal computer 8a arrives from outside, the communication transfer controller 9 that connects the organization's network to the wide area network asks the communication transfer controller responsible for managing the connection decision information for that computer to decide whether the connection is allowed. It then receives the result and permits or denies the communication accordingly. Thus communication permission information can be collectively managed in a large organization, and each responsible department can decide and set which combinations of computers inside and outside the organization are permitted to communicate.

Description

Detailed Description of the Invention

[0001]

[Technical Field of the Invention] The present invention relates to methods of using computer networks, and in particular to a communication transfer control device, a network system and a network management system having a function for distributed management of the information on whether communication between computers is permitted or not, information that conventionally had to be managed centrally.

[0002]

[Prior Art] Conventionally, when an organization's computer network is connected to a wide area network and communication with another organization is carried out via the wide area network, the information on which computers inside the organization may communicate with which computers outside it has been managed collectively by the communication transfer control device that connects the organization's network to the wide area network (see, for example, Japanese Patent Laid-Open No. 4-237252).

[0003]

[Problem to Be Solved by the Invention] The above prior art has the drawback that, in a large organization, communication permission information cannot all be managed in one place. That is, in a large organization, the decision on which combinations of computers inside the organization and computers outside it should be permitted to communicate tends to be something only the administrator of the internal computer concerned can make, so collective management was difficult.

[0004] The object of the present invention is to solve this problem and simplify management by providing a mechanism that lets each responsible department decide and set the information on which combinations of computers inside the organization and computers outside it are permitted to communicate.

[0005]

[Means for Solving the Problem] The above object is achieved by providing a communication transfer control device that has a mechanism for exchanging, among a plurality of communication transfer control devices, the decision conditions or decision results on whether communication between computers is permitted.

[0006] In a network system inside an organization connected to a wide area network, when communication with another organization is carried out via the wide area network, the information on which computers inside the organization may communicate with which computers outside it is exchanged among a plurality of communication transfer control devices, and the system has a mechanism by which the communication transfer control device responsible for the internal computer concerned conveys its decision on whether connection is allowed to the communication transfer control device that directly connects the organization's internal network to the wide area network.

[0007] Likewise, in a network management system inside an organization connected to a wide area network, when communication with another organization is carried out via the wide area network, the information on which computers inside the organization may communicate with which computers outside it is exchanged among a plurality of communication transfer control devices, the communication transfer control device responsible for the internal computer concerned conveys its decision on whether connection is allowed to the communication transfer control device that directly connects the organization's internal network to the wide area network, and the actual connection decision is made on the basis of that information.

[0008]

[Embodiment of the Invention] One embodiment of the present invention is described below with reference to the drawings.

[0009] FIG. 1 is a conceptual diagram of establishing a communication path on a computer network using the present invention. At present, the wide area network 6, the intra-organization network 7 and the department LAN 8 are in many cases based on TCP/IP technology, such as the Internet. A communication transfer control device 9, a so-called gateway or router, is installed between the wide area network 6 and the intra-organization network 7 and configured so that the computer 8a installed inside the organization and the business partner's computer 5 can communicate. The present invention likewise assumes a TCP/IP-based environment or a network environment with similar functions. In the present invention, when a connection request 1 (normally consisting of a source IP address, a destination IP address, a service number and the communication content) is sent from the business partner's computer 5 to the gateway, that is, to communication transfer control device 9, the gateway asks the communication transfer control device 10 responsible for managing the destination IP address to decide whether the connection is allowed (decision request 2 in FIG. 1). If the connection is approved (connection approval 3 in FIG. 1), the communication path is established by forwarding the communication content to communication transfer control device 10 (communication path establishment 4 in FIG. 1).

[0010] FIG. 2 is an example of the processing by which a communication transfer control device using the present invention decides whether a connection is allowed. Suppose that connection request 1 has been sent to communication transfer control device 9 from an external computer and that its content is, for example, source IP address 192.168.11.22, destination IP address 133.144.33.11, service number 21. Following the algorithm illustrated in FIG. 2, communication transfer control device 9 searches Table 1, which stores IP addresses and the names of the communication transfer control devices responsible for them.

[0011]

[Table 1]

[0012] Table 1 is an example of the table of IP addresses and responsible communication transfer control device names. XX in the table is a special value that is treated as matching any number. Table 1 can be implemented easily by providing each communication transfer control device with suitable storage.

[0013] According to Table 1, the communication transfer control device responsible for destination IP address 133.144.33.11 is communication transfer control device 10 (destination IP address 133.144.33.11 matches 133.144.33.XX in Table 1). The content of connection request 1 (source IP address, destination IP address, service number) is therefore forwarded to communication transfer control device 10, which likewise searches Table 1 following the algorithm illustrated in FIG. 2.

[0014] Now suppose that communication transfer control device 10 also stores, as its Table 1, the same content as Table 1 of communication transfer control device 9. In this case, communication transfer control device 10 searches Table 2, which stores combinations of IP addresses and service numbers for which connection is permitted or denied.

[0015]

[Table 2]

[0016] In this case the connection is approved (source IP address 192.168.11.22 matches 192.168.XX.XX in Table 2, destination IP address 133.144.33.11 matches 133.144.33.XX in Table 2, and service number 21 matches XX in the table), and the decision result (connection approval 3 in FIG. 1) is reported to communication transfer control device 9. Since the connection has been approved, communication transfer control device 9 establishes the communication path by forwarding the communication content to communication transfer control device 10 (communication path establishment 4 in FIG. 1).

[0017] In the above embodiment, for simplicity, the communication transfer control device 10 that decides whether connection is allowed and the communication transfer control device 10 to which the communication content is sent were the same device, but they may be different. Also, communication transfer control device 10, on receiving the decision request from the gateway, communication transfer control device 9, immediately decided whether connection is allowed using Table 2, but the arrangement may be multi-stage. That is, Table 1 of communication transfer control device 9 may store the communication transfer control devices that manage information for each department, Table 1 of each department-level communication transfer control device may store the communication transfer control devices that manage information for each section, and the actual decision may be made at the communication transfer control device that stores the information for the section.
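The lookup described in paragraphs [0010] to [0017], including the multi-stage variant, as an added Python example that is not part of the patent text. Tables 1 and 2 are not reproduced on this page, so every row other than the patterns quoted in the description is constructed, and the controller names, the first-match and default-deny behaviour, and the `MAX_HOPS` loop guard are assumptions.

```python
from dataclasses import dataclass, field

WILDCARD = "XX"  # per the description: a field that matches any number
MAX_HOPS = 8     # assumption: cap on delegation depth, so a misconfigured loop denies

def matches(pattern: str, value: str) -> bool:
    """Compare dotted fields one by one; an XX field matches anything."""
    p, v = pattern.split("."), value.split(".")
    return len(p) == len(v) and all(a in (WILDCARD, b) for a, b in zip(p, v))

@dataclass
class Controller:
    table1: list                                # (destination pattern, responsible controller)
    table2: list = field(default_factory=list)  # (source, destination, service, permit?)

    def responsible_for(self, dst):
        return next((owner for pat, owner in self.table1 if matches(pat, dst)), None)

    def verdict(self, src, dst, service):
        # Assumption: first matching row wins and no matching row means deny.
        for s, d, svc, permit in self.table2:
            if matches(s, src) and matches(d, dst) and svc in (WILDCARD, str(service)):
                return permit
        return False

def decide(network, gateway, src, dst, service):
    """Follow Table 1 from the gateway to the owning controller, then apply its Table 2.
    Returns (permit, list of controllers consulted)."""
    path, current = [], gateway
    for _ in range(MAX_HOPS):
        path.append(current)
        owner = network[current].responsible_for(dst)
        if owner not in network:      # no Table 1 row, or an unknown controller: deny
            return False, path
        if owner == current:          # this controller owns the address: decide here
            return network[current].verdict(src, dst, service), path
        current = owner               # delegate the decision one level down
    return False, path                # chain too long or looping: deny

# Constructed tables. Only 133.144.33.XX -> controller 10 and the
# 192.168.XX.XX / 133.144.33.XX / XX permit row are quoted in the description.
SHARED_TABLE1 = [("133.144.33.XX", "controller10"), ("133.144.44.XX", "department")]
NETWORK = {
    "controller9": Controller(SHARED_TABLE1),
    "controller10": Controller(SHARED_TABLE1, [
        ("192.168.99.XX", "133.144.33.XX", "XX", False),
        ("192.168.XX.XX", "133.144.33.XX", "XX", True)]),
    "department": Controller([("133.144.44.XX", "section")]),
    "section": Controller([("133.144.44.XX", "section")],
                          [("192.168.XX.XX", "133.144.44.XX", "25", True)]),
}
# Constructed misconfiguration: two controllers that each name the other as owner.
LOOP = {"a": Controller([("XX.XX.XX.XX", "b")]), "b": Controller([("XX.XX.XX.XX", "a")])}

if __name__ == "__main__":
    print(decide(NETWORK, "controller9", "192.168.11.22", "133.144.33.11", 21))
    print(decide(NETWORK, "controller9", "192.168.11.22", "133.144.44.7", 25))
```

The returned path shows which devices took part in a decision, which is the record an operator needs when a department-level rule permits or blocks traffic unexpectedly.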

[0018] Also, in the above embodiment, the gateway, communication transfer control device 9, queried communication transfer control device 10, which is responsible for the decision, each time an individual connection request arrived. Alternatively, when the settings of communication transfer control device 10 are changed, the changes may be conveyed to the gateway, communication transfer control device 9, and when an individual connection request arrives, whether connection is allowed may be decided from the content conveyed in advance.

[0019]

[Effects of the Invention] As is clear from the above embodiment, the present invention eliminates the drawback of the prior art that communication permission information cannot all be managed in one place in a large organization, and allows each responsible department to decide and set the information on which combinations of computers inside the organization and computers outside it are permitted to communicate.

[Brief Description of the Drawings]

FIG. 1 is a conceptual diagram of establishing a communication path on a computer network using the present invention.

FIG. 2 is a processing flow chart of the connection decision made by a communication transfer control device using the present invention.

Claims (3)

[Claims]

1. A communication transfer control device that transfers communication between computers, characterized by having a mechanism for exchanging, among a plurality of communication transfer control devices, the decision conditions or decision results on whether communication between computers is permitted.

2. A network system inside an organization connected to a wide area network, characterized in that, when communication with another organization is carried out via the wide area network, the information on which computers inside the organization may communicate with which computers outside the organization is exchanged among a plurality of communication transfer control devices, and in having a mechanism by which the communication transfer control device responsible for the internal computer concerned conveys its decision on whether connection is allowed to the communication transfer control device that directly connects the organization's internal network to the wide area network.

3. A network management system inside an organization connected to a wide area network, characterized in that, when communication with another organization is carried out via the wide area network, the information on which computers inside the organization may communicate with which computers outside the organization is exchanged among a plurality of communication transfer control devices, the communication transfer control device responsible for the internal computer concerned conveys its decision on whether connection is allowed to the communication transfer control device that directly connects the organization's internal network to the wide area network, and the actual connection decision is made on the basis of that information.

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP7308758A JPH09153896A (en) 1995-11-28 1995-11-28 Communication transfer controller, network system and network management system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP7308758A JPH09153896A (en) 1995-11-28 1995-11-28 Communication transfer controller, network system and network management system

Publications (1)

Publication Number Publication Date
JPH09153896A true JPH09153896A (en) 1997-06-10

Family

ID=17984945

Family Applications (1)

Application Number Title Priority Date Filing Date
JP7308758A Pending JPH09153896A (en) 1995-11-28 1995-11-28 Communication transfer controller, network system and network management system

Country Status (1)

Country Link
JP (1) JPH09153896A (en)

Similar Documents

Publication Publication Date Title
US5511168A (en) Virtual circuit manager for multicast messaging
US7103032B2 (en) Telephone controller for VoIP
US6111883A (en) Repeater and network system utilizing the same
JP2004072766A (en) System for providing access control platform service to private network
CN106713499A (en) Load balancing method, equipment and system
JP2001313676A (en) Multiplex speech system and its method through local ip network
US20040076121A1 (en) Method for an internet communication
JP4576115B2 (en) VoIP gateway device and method for controlling call arrival and departure in VoIP gateway device
CA2213043C (en) Non-broadcast multi-access network system capable of carrying out transmission of a next hop resolution protocol packet without setting internet protocol addresses
US20030120767A1 (en) Network and wireless LAN authentication method used therein
US5920567A (en) Network related information transfer method for a connection device, and a data communication system
US7664121B2 (en) Method and router for switching data between a local area network and an external appliance
JP2001345850A (en) Method and system for centralized management of call control data for call agent
WO2001024460A1 (en) Intelligent data network router
JP2002518904A (en) Flexible call routing system
JPH09153896A (en) Communication transfer controller, network system and network management system
JP3999353B2 (en) Method and system for determining communication path in computer network, and recording medium on which program is recorded
JPH0758771A (en) Address managing device
JP3771523B2 (en) Gateway device
JPH09198293A (en) Wide area data base management system
JPH1146248A (en) Personal communication distributed control system
KR20010049089A (en) Apparatus and method for managing data communication in simplified electronic exchange
US20040172560A1 (en) Stream server apparatus, program, and NAS device
JPH0728308B2 (en) Communication network interconnection device
EP1519555A2 (en) Terminal usage authorisation in a packet-network telephony system

Legal Events

Date Code Title Description
A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20040525

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20040721

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20040817

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20041214